[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Andy Polyakov
appro at openssl.org
Fri Oct 27 09:26:36 UTC 2017
The branch OpenSSL_1_1_0-stable has been updated
via f32a0a951dc8ea3a4c8c4a76e5b3a32f03c47e3d (commit)
via a5034bea281e3b6b79a4ad33c2471afee483d6bc (commit)
from 6d2fbe914c2ead67d0f49f74fabe9e65519dcf91 (commit)
- Log -----------------------------------------------------------------
commit f32a0a951dc8ea3a4c8c4a76e5b3a32f03c47e3d
Author: Andy Polyakov <appro at openssl.org>
Date: Sat Oct 14 10:21:19 2017 +0200
x509v3/v3_utl.c: avoid double-free.
Thanks to David Benjamin for spotting this.
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4532)
(cherry picked from commit 432f8688bb72e21939845ac7a69359ca718c6676)
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4514)
commit a5034bea281e3b6b79a4ad33c2471afee483d6bc
Author: Andy Polyakov <appro at openssl.org>
Date: Sun Oct 8 20:10:13 2017 +0200
crypto/x509v3/v3_utl.c: fix Coverity problems.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4492)
(cherry picked from commit 32f3b98d1302d4c0950dc1bf94b50269b6edbd95)
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4514)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509v3/v3_utl.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 7dc9a45..d9cc7c7 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -37,6 +37,7 @@ int X509V3_add_value(const char *name, const char *value,
{
CONF_VALUE *vtmp = NULL;
char *tname = NULL, *tvalue = NULL;
+ int sk_allocated = (*extlist == NULL);
if (name && (tname = OPENSSL_strdup(name)) == NULL)
goto err;
@@ -44,7 +45,7 @@ int X509V3_add_value(const char *name, const char *value,
goto err;
if ((vtmp = OPENSSL_malloc(sizeof(*vtmp))) == NULL)
goto err;
- if (*extlist == NULL && (*extlist = sk_CONF_VALUE_new_null()) == NULL)
+ if (sk_allocated && (*extlist = sk_CONF_VALUE_new_null()) == NULL)
goto err;
vtmp->section = NULL;
vtmp->name = tname;
@@ -54,6 +55,10 @@ int X509V3_add_value(const char *name, const char *value,
return 1;
err:
X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE);
+ if (sk_allocated) {
+ sk_CONF_VALUE_free(*extlist);
+ *extlist = NULL;
+ }
OPENSSL_free(vtmp);
OPENSSL_free(tname);
OPENSSL_free(tvalue);
More information about the openssl-commits
mailing list